Originally this was a reply to this article about a Windows feature called Recall, but there’s a good argument the author’s concerns resonate far beyond Windows and Meta to proprietary generally.
Originally this was a reply to this article about a Windows feature called Recall, but there’s a good argument the author’s concerns resonate far beyond Windows and Meta to proprietary generally.
Stop worrying about the country of origin. It’s a FOSS project. The vast majority of Pop’s components are developed independently of the company, and by citizens of various nations. Applying the “USA bad, so product bad” rhetoric is a seriously shortsighted approach. Consider instead the amount of influence exerted by the company. Does Ubuntu still seem like the better choice just because the company is headquartered in the UK?
Besides, if you really want to cut American software out of your life, start with Linux and GNU. Torvalds was born in Finland, but he is a naturalized US citizen, and Linux is developed on American infrastructure and includes significant amount of work from American developers.
They can still sanction your country and then you can’t get updates anymore over official ways, like Fedora and Iran.
It’s just peace of mind to not deal with anything US Based right now
It’s not “USA bad, so product bad”, it’s the concern that the US government can do a lot more to US based projects and you probably wont know untill it’s too late.
That’s really not the case, there’s no proprietary parts to inject this into, and pop is one of the most heavily watched distros for a reason.
The minimal things they add to their particular distro are essentially just theming, and it’d be really obvious if they injected something malicious into it.
It would also NOT be too late because they’re a stable distro and have regular releases, it’d have to be a completely last minute unexpected change for that to be the case.
The code is open though, I don’t check it since I am an idiot but I assume pros would spot irregularities.
Do you have a specific vector of attack here in mind?
I guess most methods of attack on a FOSS projects are independent of the country of origin. But, I could still see them being forced to do things they don’t want in the US, without being able to tell anyone. Hopefully if that ever happened it wouldn’t be too hard to detect, but you never know.
People find vulnerabilities and malware even in closed source projects. Us regime is as malicious as it is incompetent. They trust anyone who can throw a sig heil and prompt a LLM to completely dismantle and rebuild major infrastructure.